这篇教程介绍了如何加载你的第一个XDP(eXpress Data Path)BPF(Extended Berkeley Packet Filter)程序。内容包括设置依赖项、编译过程、查看BPF-ELF对象等,适合初学者了解BPF基础和XDP钩子的使用。
摘要由CSDN通过智能技术生成
Tutorial: Basic01 - loading your first BPF program
Welcome to the first step in this XDP tutorial.
The programming language for XDP is eBPF (Extended Berkeley Packet Filter) which we will just refer to as BPF. Thus, this tutorial will also be relevant for learning how to write other BPF programs; however, the main focus is on BPF programs that can be used in the XDP-hook. In this and the following couple of lessons we will be focusing on the basics to get up and running with BPF; the later lessons will then build on this to teach you how to do packet processing with XDP.
Since this is the first lesson, we will start out softly by not actually including any assignments. Instead, just read the text below and make sure you can load the program and that you understand what is going on.
If you don’t want to see the raw BPF instructions add: --no-show-raw-insn. The define/enum XDP_PASS has a value of 2, as can be seen in the dump. The section name “xdp” was defined by SEC("xdp"), and the xdp_prog_simple: is our C-function name.
It does seem overkill to write a C program to simply load and attach a specific BPF-program. However, we still include this in the tutorial since it will help you integrate BPF into other Open Source projects.
As an alternative to writing a new loader, the standard iproute2 tool also contains a BPF ELF loader. However, this loader is not based on libbpf, which unfortunately makes it incompatible when starting to use BPF maps.
The iproute2 loader can be used with the standard ip tool; so in this case you can actually load our ELF-file xdp_pass_kern.o (where we named our ELF section “xdp”) like this:
ip link set dev lo xdpgeneric obj xdp_pass_kern.o sec xdp
Listing the device via ip link show also shows the XDP info:
$ ip link show dev lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 xdpgeneric qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
prog/xdp id 220 tag 3b185187f1855c4c jited
Removing the XDP program again from the device:
ip link set dev lo xdpgeneric off
Loading using xdp_pass_user
To load the program using our own loader, simply issue this command:
$ sudo ./xdp_pass_user --dev lo --skb-mode
Success: Loading XDP prog name:xdp_prog_simple(id:225) on device:lo(ifindex:1)
Loading it again will fail, as there is already a program loaded. This is because we use the xdp_flag XDP_FLAGS_UPDATE_IF_NOEXIST. This is good practice to avoid accidentally unloading an unrelated XDP program.
$ sudo ./xdp_pass_user --dev lo --skb-mode
ERR: dev:lo link set xdp fd failed (16): Device or resource busy
Hint: XDP already loaded on device use --force to swap/replace
As the hint suggest, the option --force can be used to replace the existing XDP program.
$ sudo ./xdp_pass_user --dev lo --skb-mode --force
Success: Loading XDP prog name:xdp_prog_simple(id:231) on device:lo(ifindex:1)
You can list XDP programs on the device using different commands, and verify that the program ID is the same:
这篇教程介绍了如何加载你的第一个XDP(eXpress Data Path)BPF(Extended Berkeley Packet Filter)程序。内容包括设置依赖项、编译过程、查看BPF-ELF对象等,适合初学者了解BPF基础和XDP钩子的使用。
扫一扫
2216
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
